We previously carried out an announced comprehensive inspection in November 2017 and an announced focused inspection in September 2018 of DiMedic Limited. The full reports for these inspections can be found by selecting the ‘all services’ link for DiMedic Limited on our website at www.cqc.org.uk.

We carried out this announced comprehensive inspection at DiMedic Limited on 30 September 2019 as part of our inspection programme and in accordance with our updated methodology to inspect all key questions and provide a quality rating.

DiMedic Ltd provides an online clinic, consultation, treatment and prescribing service for a limited number of medical conditions to patients primarily from England, Poland and Germany. The providers website was in Polish but could be translated into English by clicking on a drop-down button.

At this inspection we found:

The service had good systems to manage risk so that safety incidents were less likely to happen. When they did happen, the service learned from them and improved their processes.

The service routinely reviewed the effectiveness and appropriateness of the care it provided. However, there was limited clinical audit carried out within the service. They ensured that care and treatment was delivered according to evidence- based guidelines.

Staff involved and treated people with compassion, kindness, dignity and respect.

The provider organised and delivered services to meet patients’ needs. They considered carefully the range of services they delivered to patients to ensure this could be done effectively and safely. They took account of patient needs and preferences.

There was a clear vision and strategy to deliver high quality, sustainable care.

The areas where the provider should make improvements are:

Improve recruitment records so they are routinely maintained in line with legislative requirements.

Improve the requirement for identity checks so the risks are managed where patients request medicines which have a higher risk level, such as obesity or thyroid conditions.

Improve the prescribing for cystitis to reduce any risks to patients whilst they wait for a prescription to be sent to them via post

Develop a clinical audit strategy to ensure the service is monitoring and taking action to improve outcomes for patients.

Develop and implement processes, in line with GMC guidance, for communicating with patients who choose not to consent to information about their consultation with the service being shared with their registered GP.

Develop arrangements for storage of legacy medical records in line with retention policies in the event the service should cease trading.

Dr Rosie Benneyworth BM BS BMedSci MRCGP

Chief Inspector of Primary Medical Services and Integrated Care

Inspection report

Download full report

Inspection areas

Safe

Good

Updated 25 November 2019

We rated safe as Good because:

The service had good systems to manage risk so that safety incidents were less likely to happen. When they did happen, the service learned from them and improved their processes. There were systems to ensure the proper and safe prescribing of medicines. There was a focus on evidence-based prescribing to safeguard patients.

Keeping people safe and safeguarded from abuse

Staff employed at the headquarters had received training in safeguarding and whistleblowing and knew the signs of abuse. All staff had access to the safeguarding policies and where to report a safeguarding concern. The policy included details of how to contact relevant local authorities via their websites should concerns arise in relation to patient’s who reside in England. All the doctors had received adult and level three child safeguarding training. It was a requirement for the doctors registering with the service to provide evidence of up to date safeguarding training certification.

The service did not treat children and there were arrangements in place to ensure children under the age of eighteen were unable to register for the service.

Monitoring health & safety and responding to risks

The provider held regular whole staff team meetings to discuss significant events, complaints, IT development and other relevant issues.

Prescriptions were double checked by both the doctor and by another member of staff (this was normally either the registered manager who was also a pharmacist or deputy manager) before being issued. A process was in place to enable the doctor to request further information from a patient if any risk was identified or incomplete medical questionnaires had been submitted.

The provider headquarters was located within a modern office accommodation which housed all of the staff. Patients were not treated on the premises as the doctors carried out the online consultations remotely. Staff had undertaken training in health and safety and fire safety. Each staff member used an encrypted, password secure laptop to log into the operating system, which was a secure programme.

There were processes in place to manage any emerging medical issues during a consultation. The service was not intended for use by patients with either long term conditions or as an emergency service.

All clinical consultations were rated by the doctors for risk and further discussions took place with the patient, where necessary, to inform the safety of prescribing. Where the doctor decided they could not safely prescribe the requested treatment, they refused service and directed the patient to contact their primary care provider for any follow up needed.

A range of clinical and non-clinical meetings were held with staff, where standing agenda items covered topics such as significant events, complaints and service issues. Clinical meetings also included case reviews and clinical updates. We saw evidence of meeting minutes to show where some of these topics had been discussed, for example, an annual discussion of significant events and clinical pathways in line with national guidance.

Staffing and Recruitment

There were enough staff, including doctors, to meet the demands for the service and there was a rota for the doctors. There was a support team available to the doctors during consultations and a contracted IT service for any technical support. The prescribing doctors were paid on a sessional basis.

The provider had a selection and recruitment process in place for all staff. There were a number of checks that were required to be undertaken prior to commencing employment, such as references and Disclosure and Barring Service (DBS) checks. (DBS checks identify whether a person has a criminal record or is on an official list of people barred from working in roles where they may have contact with children or adults who may be vulnerable.)

Potential GPs and non-GP doctors had to be currently working in the NHS and be registered with the General Medical Council (GMC). They had to provide evidence of having professional indemnity cover, an up to date appraisal and certificates relating to their qualification and training in safeguarding and the Mental Capacity Act.

Newly recruited doctors were supported during their induction period and an induction plan was in place to ensure all processes had been covered. We were told that doctors did not start consulting with patients until they had successfully completed induction and were mentored and given support from the clinical director during initial consultations.

We reviewed two recruitment files. The provider was not able to provide a copy of all recruitment information during the inspection but made this available to us within a few days of the inspection. The doctors could not be registered to start any consultations until these checks and induction training had been completed. The provider kept records of all staff including the doctors and there was a system in place that flagged up when any documentation was due for renewal such as their professional registration.

Prescribing safety

All medicines prescribed to patients from online forms were monitored by the provider to ensure prescribing was evidence based. If a medicine was deemed necessary following an online consultation, the doctors could issue a private prescription to patients. The doctors could only prescribe from a set list of medicines which the provider had risk-assessed. There were no controlled drugs, pain relief or high-risk medicines on this list. The provider did not prescribe any unlicensed medicines or medicines for unlicensed indications. (Medicines are given licences after trials have shown they are safe and effective for treating a particular condition. Use of a medicine for a different medical condition that is listed on their licence is called unlicensed use and is a higher risk because less information is available about the benefits and potential risks.) The service encouraged good antimicrobial stewardship by only prescribing one antibiotic for a very limited period of time, which was based on national guidance. However, as the service did not issue emergency prescriptions, there was a three-day period before patients received a prescription for antibiotics for cystitis through the post. Although the service provided patients with information on what to do if their symptoms got worse, we were concerned this delay in receiving treatment could be detrimental to the health and wellbeing of the patient.

The provider did not prescribe any medicines in an emergency. Where a patient requested this, they were sign posted back to their local primary care service.

The service’s website advertised which medicines were available and there were systems in place to prevent the misuse of these medicines. Computer algorithms were in place to prevent, for example:

Repeat prescription overuse

Patients trying to register using multiple accounts

Contraindications for certain medicines

Treatment of patients with complex comorbidity

Once the doctor prescribed the medicine and dosage of choice, relevant instructions were given to the patient regarding when and how to take the medicine, the purpose of the medicine and any likely side effects and what they should do if they became unwell.

There were protocols in place for identifying and verifying the patient and General Medical Council guidance, or similar, was followed. Patients were required to undergo verification processes, prior to provision of the service. This was achieved by either the patient undertaking a nominal bank transfer or providing identity documents (such as driving licence or passport) to prove their identity. If a patient was unable to verify their identity their request for service was refused. There were processes in place to ensure multiple requests from the same person were not submitted via different accounts. However, the service had not considered whether some of the treatments they provided, such as for those patients seeking treatment for thyroid conditions or obesity necessitated the higher level of identity checks and checks on medical information provided to ensure safe prescribing. However, this constituted only a small part of their overall service, with very few prescriptions being issued for these. The service had, however, asked the patient for information about their health and condition, to allow them to safety prescribe the medication.

Any private prescription issued was posted to the patient at their home address.

Information to deliver safe care and treatment

On registering with the service, and at each online consultation patient identity was verified. The doctors had access to the patient’s previous records held by the service.

Management and learning from safety incidents and alerts

There were systems in place for identifying, investigating and learning from incidents relating to the safety of patients and staff members. We reviewed two incidents and found that these had been fully investigated, discussed and as a result action taken in the form of a change in processes. For example:

They had taken action to address any future occurrence of prescriptions spoiled in transit.

They had addressed an incident where two prescriptions were sent to the incorrect patient. However, they had not notified the Information Commissioners Office of this occurrence in line with information governance procedures.

Significant events and near misses were regularly discussed at team meetings and an annual discussion took place to identify and trends and themes within incidents.

We saw evidence from these two incidents which demonstrated the provider was aware of and complied with the requirements of the duty of candour by explaining to the patient what went wrong, offering an apology and advising them of any action taken.

We were shown records of the action taken in response to recent patient alerts.

Inspection report

Download full report

Effective

Good

Updated 25 November 2019

The service had systems to keep clinicians up to date with current evidence-based practice. We saw that clinicians assessed needs and delivered care and treatment in line with current legislation, standards and guidance. This was particularly evidenced by the approach to prescribing of contraception.

Assessment and treatment

We reviewed five examples of medical records that demonstrated that each doctor assessed patients’ needs and delivered care in line with relevant and current evidence-based guidance and standards, including National Institute for Health and Care Excellence (NICE) evidence-based practice.

We saw several examples where the service had reviewed, refined and improved the service they offered to patients, based on updates from NICE guidance. This was particularly noted in relation to prescribing of contraceptives and or menopause. The approach included improving the information and advice provided to patients.

We reviewed the medical questionnaires which patients completed when requesting services which were dependent on the condition for which they were seeking treatment. If the doctor had not reached a satisfactory conclusion after they reviewed the information provided by the patient, there was a system in place where they could contact them again to gather more information. Computer algorithms automatically prevented patients from seeking treatment for certain conditions. For example, patients who indicated they had complex comorbidity or male patients trying to request contraception.

The doctors providing the service were aware of both the strengths (speed, convenience, choice of time) and the limitations (inability to perform physical examination) of working remotely from patients. They worked carefully to maximise the benefits and minimise the risks for patients. If a patient needed further examination, they were directed to an appropriate agency. If the provider could not deal with the patient’s request, this was explained to the patient and a record kept of the decision.

Patients completed an online form which included their past medical history. There was a set template to complete for the consultation that included the reasons for the consultation and the outcome to be manually recorded, along with any notes about past medical history and diagnosis. We reviewed five medical records which were complete records. We saw that adequate notes were recorded, and the doctors had access to all previous notes.

Quality improvement

The service collected and monitored information on patients’ care and treatment outcomes.

The service used information about patients’ outcomes to make improvements.

The service took part in some quality improvement activity, for example reviews of consultations and prescribing trends. They had completed one single cycle clinical audit on the prescribing of the combined contraceptive pill where patients also reported symptoms of migraine to determine if a prescription was refused appropriately. This found that 407 patients might have been rejected unnecessarily as they had reported migraines without aura. Changes were made to the system to collect more information on the types of migraine symptoms patients were experiencing to reflect current guidelines. The service planned to repeat this with a second cycle of audit to check on the improvements made. There were however, no other clinical audits undertaken or planned by the service.

Staff training

All staff had to complete induction training which consisted of an overview of the structure of the service, policies and procedures, health and safety, information governance and other relevant topics. Staff also completed other training on a regular basis, such as equality and diversity, infection prevention, conflict resolution and safeguarding. Staff training records were maintained in individual staff member records.

Non-clinical staff were given the opportunity of supervision sessions and annual appraisals during which development and training requirements were discussed.

The doctor had regular supervision sessions, and there were systems in place to ensure the doctor had received their own appraisal, which included consideration of their work as an online doctor. However, there was no in-house appraisal for clinical staff, with the service instead relying on the appraisal required as part of the doctor’s registration with the GMC. Good practice was for each service to hold an in-house appraisal which then feeds into the doctors GMC annual appraisal.

Coordinating patient care and information sharing

Before providing treatment, doctors at the service ensured they had adequate knowledge of the patient’s health, any relevant test results and their medicines history. We saw examples of patients being signposted to other services where this information was not available to ensure safe care and treatment.

All patients were asked for consent to share details of their consultation and any medicines prescribed with their registered GP on each occasion they used the service. The default position was enabled on the online questionnaire to always indicate this information was shared with the patients registered GP. However, when patients changed this to deselect sharing the information with their registered GP, the service did not have any processes to highlight the importance of this with the patient. We had previously highlighted this as something the service should address, when we inspected in September 2018. For patients based in England, the doctors recorded details of consultations in English. The IT system they used allowed all information to be translated into Polish or English as required.

The provider had risk assessed the treatments they offered. They did not prescribe any medicines where they identified they were not suitable for prescribing if the patient did not give their consent to share information with their GP, or they were not registered with a GP. The service did not prescribe any medicines liable to abuse or misuse or those for the treatment of long-term conditions such as asthma. Where patients agreed to share their information, we saw evidence of letters sent to their registered GP in line with GMC guidance.

Supporting patients to live healthier lives

The service identified patients who may be in need of extra support and had a range of information available on the website. In addition, the provider had developed a patient education program where patients who had undertaken a consultation were provided with targeted feedback via their account on the patient portal. This aimed to promote. maintaining a healthy life style, disease prevention and the importance of regular health checks. For example, patients prescribed contraception with borderline body mass index (BMI) rates were advised to keep their BMI below 30 and provided with weight management advice. The practice also produced a monthly newsletter on specific conditions and issues, such as menopause and the importance of attending breast, cervical and prostrate screening, to patients in the relevant patient demographic group.

Inspection report

Download full report

Caring

Staff involved and treated people with compassion, kindness, dignity and respect.

Compassion, dignity and respect

All staff had undertaken training on their roles and responsibilities in relation to data protection and

information governance. The provider was registered with the Information Commissioner’s Office. The doctor could access patient records remotely but ensured this was always done in a private and secure location. The computer system used by the service was encrypted.

Doctors undertook online consultations in a private area in the service premises and were not to be disturbed at any time during their working time. The provider carried out random spot checks to ensure the doctors were complying with the expected service standards and communicating appropriately with patients. Feedback arising from these spot checks was relayed to the doctor. Any areas for concern were followed up and the doctor was again reviewed to monitor improvement.

We did not speak to patients directly on the day of the inspection. However, we reviewed the latest survey information from June 2019. Patients were sent an email asking for their feedback after their consultation and there was also access to the survey via the service website. The result of this was an 82% satisfaction level, with 85% of patients responding they would recommend the service to a friend. The survey also enquired about which other functions patients would like to see the service provide. The provider was evaluating the results and considering which of the suggested functions they could deliver safely in the future.

We also received some positive feedback from patients of the service prior to the inspection which set out their high levels of satisfaction with the service.

Involvement in decisions about care and treatment

Patient information guides about how to use the service and technical issues were available. There was a dedicated team to respond to any enquiries.

Patients had access to information about the clinicians/doctors working for the service. As the provider had one doctor available per clinical session, patients were not able to request a consultation with a doctor of choice. However, all staff could speak both English and Polish.

The service offered a ‘live chat’ facility via their website which allowed patients to contact a non-clinical member of staff in real time during office hours. This could be used if a patient was experiencing difficulties in registering for or using the service but could not be used for advice on any medical topic.

Patients were able to access their notes and records via the patient portal which they could sign into via the website using the password they had created when registering with the service.

Inspection report

Download full report

Responsive

Good

Updated 25 November 2019

The provider organised and delivered services to meet patients’ needs. They considered carefully the range of services they delivered to patients to ensure this could be done effectively and safely. They took account of patient needs and preferences.

Responding to and meeting patients’ needs

Patients were able to request a consultation at any time via the provider’s website. The website made it clear that request for consultations would be considered within one to three working days depending on when it was received. This service was not an emergency service. Patients who had a medical emergency were advised to ask for immediate medical help via 999 or if appropriate to contact their own GP or NHS 111.

The digital application allowed people to contact the service from abroad, but all medical practitioners were required to be based within the United Kingdom. Any prescriptions issued to patients in England were delivered to a patient’s home address which they could then present to a pharmacy of their choice. The service also issued prescriptions to patients in other countries, but this was outside the scope of our regulation.

The provider made it clear to patients what the limitations of the service were on their website and in their terms and conditions.

Tackling inequity and promoting equality

The provider offered consultations to anyone over the age of 18 who requested a service and paid the appropriate fee. They did not discriminate against any client group. The provider’s website was available in both English and Polish.

Patients could access a brief description of the clinicians. As the provider only employed female doctors’ patients were not able to choose either a male or female doctor or one that spoke a specific language or had a specific qualification. However, all employed clinicians could speak both English and Polish.

Managing complaints

Information about how to make a complaint was available on the service’s web site. The provider had developed a complaints policy and procedure. The policy contained appropriate timescales for dealing with the complaint. There was escalation guidance within the policy. A specific form for the recording of complaints has been developed and introduced for use. We reviewed the complaint system and noted that comments and complaints made to the service were recorded. We reviewed the two complaints received in the past 12 months.

The provider was able to demonstrate that the complaints we reviewed were handled correctly and patients received a satisfactory response. There was evidence of learning as a result of complaints, changes to the service had been made following complaints, and had been communicated to staff.

Consent to care and treatment

There was clear information on the service’s website describing how the service worked and the cost. A set of frequently asked questions was also available for further supporting information. The website had a set of terms and conditions and details on how the patient could contact them with any enquiries. Information about the cost of the consultation was known in advance but patients were only charged for the consultation if a prescription was issued.

All doctors had received training about the Mental Capacity Act 2005. Staff understood and sought patients’ consent to care and treatment in line with legislation and guidance.

Inspection report

Download full report

Well-led

Good

Updated 25 November 2019

We rated well-led as Good because:

There was a clear vision and strategy to deliver high quality, sustainable care.

Business Strategy and Governance arrangements

The provider told us they had a clear vision to work together to provide a high-quality responsive service that put caring and patient safety at its heart. We reviewed business plans that covered the next financial year.

There was a clear organisational structure and staff were aware of their own roles and responsibilities. There was a range of service specific policies which were available to all staff. These were reviewed and updated when necessary.

Checks were in place to monitor the performance of the service and ensure a comprehensive understanding of the performance of the service was maintained. For example, there was evidence of a recent meeting to discuss and plan for the impact of the UK leaving the European Union.

The provider was able to tell us that approximately 72% of consultations with in the last 12 months had resulted in a prescription being issued. The registered manager told us that the vast majority of these patients were not resident in England but was unable to give us an exact figure for patient’s resident in England only. 91% of the prescriptions issued were for contraception.

There were arrangements for identifying, recording and managing risks, issues and implementing mitigating actions.

Care and treatment records were complete, accurate, and securely kept.

Leadership, values and culture

The registered manager had overall responsibility for the day to day operation of the service, including dealing with complaints and patient feedback. The doctors were responsible for any medical issues arising and there was always a doctor available for contact on a daily basis. The provider was considering extending the services they offered to include offering services to patients in other countries, introducing a tele-dermatology service. An action plan was in place to aid the developments.

The service had an open and transparent culture. We were told that if there were unexpected or unintended safety incidents, the service would give affected patients reasonable support, truthful information and a verbal and written apology. This was supported by an operational policy.

Safety and Security of Patient Information

Systems were in place to ensure that all patient information was stored and kept confidential.

There were policies and IT systems in place to protect the storage and use of all patient information. The service could provide a clear audit trail of who had access to records and from where and when. The service was registered with the Information Commissioner’s Office. There were business contingency plans in place to minimise the risk of losing patient data. However, there was no plan in place or arrangements to ensure ongoing access to legacy medical records in the event the provider ceased trading.

Seeking and acting on feedback from patients and staff

Patients were not routinely sent a post consultation satisfaction survey but were able to provide feedback and rate the service they had received on the providers’ website.

The service used an online reviews site to gather feedback about the service. This showed 98% of patients who responded would recommend the company and there was a 4.9 out of five satisfaction rating (from 1401 reviews). Patient feedback was published on the service’s website.

There was evidence that the doctors could provide feedback about the quality of the operating system and any change requests were logged, discussed and decisions made for the improvements to be implemented.

The provider had a whistleblowing policy in place. (A whistle blower is someone who can raise concerns about practice or staff within the organisation.)

Continuous Improvement

The service consistently sought ways to improve. All staff were involved in discussions about how to run and develop the service and were encouraged to identify opportunities to improve the service delivered.

We saw from minutes of staff meetings where previous interactions and consultations were discussed.

Staff told us that the team meetings were the place where they could raise concerns and discuss areas of improvement. However, as the staff team was small, we saw evidence there was always ongoing discussions about service provision.

There was a quality improvement strategy and the service planned improvements. However, there was limited clinical audit carried out or planned within the service.

Inspection ratings

We rate most services according to how safe, effective, caring, responsive and well-led they are, using four levels:

Outstanding – the service is performing exceptionally well.

Good – the service is performing well and meeting our expectations.

Requires improvement – the service isn't performing as well as it should and we have told the service how it must improve.

Inadequate – the service is performing badly and we've taken enforcement action against the provider of the service.

No rating/under appeal/rating suspended – there are some services which we can’t rate, while some might be under appeal from the provider. Suspended ratings are being reviewed by us and will be published soon.

Ticks and crosses

We don't rate every type of service. For services we haven't rated we use ticks and crosses to show whether we've asked them to take further action or taken enforcement action against them.

There's no need for the service to take further action. If this service has not had a CQC inspection since it registered with us, our judgement may be based on our assessment of declarations and evidence supplied by the service.

The service must make improvements.

At least one standard in this area was not being met when we inspected the service and we have taken enforcement action.